Everyone wants to avoid being the next Target. Brian Milas, CTO at Courion, explains how to use the rich data generated by identity and access control solutions to reduce risk

InfoWorld|Feb 20, 2014

Week in and week out, big-name companies from Target to Neiman Marcus to Michaels learn the severe consequences of flawed data security. The truth is, even when IT has been armed with the latest security technology, defending against breaches isn't easy. In fact, as attacks get more and more sophisticated, it's getting harder.

In this week's New Tech Forum, Brian Milas, CTO at Courion, offers an in-depth look at the data security problem from the standpoint of user identity and access management. As Milas argues, you can't develop an effective solution without makiing sense of the very large quantity of semi-structured data generated by these gatekeeping systems. -- Paul Venezia

Making sense of "big data" from identity management

Providing employees with access to applications and information is a complex operational challenge. Users require broad and varied access to be productive, but that incurs risk. IT must control access, enforcing the principle of "least privilege" in the face of compliance regulations and the threat of security breaches.

Do it right and business runs efficiently with risks understood, mitigated, and rewarded. Do it wrong and catastrophe looms.

To understand business risk effectively, you must have visibility into the access approved, access granted (which may be different than what was approved), the resources and data behind the access granted, and how access is being used. Years ago this was less complex: Employee and customer data lived in the data center, was accessed during work hours, and was less heavily regulated and audited.

Today, data resides not only in the data center but also in mobile devices and the cloud. It's also regulated, audited, and available to many more audiences than just your employees. Here's one way to break down the problem:

More and different types of identities. In the past, IAM (identity and access management) was primarily concerned with workers. Now contractors, suppliers, customers, partners, affiliates, and even devices have identities.

Data explosion. We're generating and archiving more data than ever before. Recent coverage of the NSA's data analysis efforts reveal just how much data we generate as a nation: 1.8 petabytes daily!

Flexible access. In the past, access was largely consolidated in a data center, but then came desktops, then laptops, then mobile and cloud. Today, users expect access anywhere, everywhere, all the time.

Need for speed. The United States is no longer the only "I want it now!" society. Every globally competitive company is keenly aware of the need to provide access and information immediately, whether to a shop floor employee or to a customer who needs current order status.

Increased security expectations. In the past, security was considered a specialized area, but today, government and industry regulators, auditors, board members, media, and consumers are expected to know the ropes. Increasingly, CISOs are calling for staff to flag new risks as they arise.

Logging everything

What does this all mean to a CISO who is concerned with providing only the right access to the right people at the right time? A whole lot of information about a rapidly expanding universe of electronic identities and their context. At Courion, we call this "big identity data."